Diffstat (limited to 'manifests/init.pp')
-rw-r--r--manifests/init.pp68
1 files changed, 66 insertions, 2 deletions
diff --git a/manifests/init.pp b/manifests/init.pp
index b8be630..736ed79 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -1,19 +1,52 @@
# @summary Configures PHPLDAPAdmin
# @param servername
# Pretty name for the server
+#
+# Only used if `$ldap_servers` is unset.
# @param server_uri
# Address of ldap server to connect to
+# /* Examples:
+# 'ldap.example.com',
+# 'ldaps://ldap.example.com/',
+# 'ldapi://%2fusr%local%2fvar%2frun%2fldapi'
+# (Unix socket at /usr/local/var/run/ldap) */
+#
+# Only used if `$ldap_servers` is unset.
# @param port
# Port of ldap server to connect to
+#
+# Only used if `$ldap_servers` is unset.
# @param debug_mode
# @param tmpdir
# @param timezone
# @param friendly_attrs
# @param auth_type
+# @param blowfish_secret
+# phpLDAPadmin can encrypt the content of sensitive cookies if you
+# set this to a big random string.
+# @param base_dn
+# Optional list of base DNs of the ldap server. If left blank
+# then phpLDAPadmin auto-detect it for you
+# @param bind_dn_template
+# If login_attr was set to 'dn', it is possible to specify a template string to
+# build the DN from. Use '%s' where user input should be inserted. A user may
+# still enter the complete DN. In this case the template will not be used.
+#
+# Example: "cn=%s,ou=people,dc=example,dc=com"
+# @param config_file
+# Path to the configuration file.
+# TODO manage the symlink from the webroot to the configuration file.
+# @param ldap_servers
+# List of configured ldap servers. Defaults to a single server
+# consisting of $server_uri, $servername, and $port.
+#
+# @param open_tree
+# @param base_config_order
class phpldapadmin (
String $servername = 'My LDAP Server',
String $server_uri = '127.0.0.1',
- Integer[0, 65535] $port = 389,
+ Optional[Integer[0, 65535]] $port = undef,
+ String $config_file = '/etc/webapps/phpldapadmin/config.php',
Boolean $debug_mode = false,
String $tmpdir = '/tmp',
Optional[String] $timezone = undef,
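Review bot: The `ldapi://` example added under `@param server_uri` is mis-encoded: `%local` is missing its `2f`, and the socket path in parentheses ends in `ldap` while the URI ends in `ldapi`. It should read `'ldapi://%2fusr%2flocal%2fvar%2frun%2fldapi'` with the parenthesised path made to match, and the `/* ... */` markers carried over from the PHP sample can be dropped because these lines are already `#` comments. `$port` now defaults to `undef` instead of 389, but the `@param port` text does not say what is used when it is unset. Since the scheme and port in `$server_uri`/`$port` decide whether binds go over `ldap://` or `ldaps://`, the resulting default should be stated there. The class parameter list continues past the end of this hunk.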
@@ -26,9 +59,24 @@ class phpldapadmin (
'userPassword' => 'Password',
},
Enum['cookie', 'session', 'http', 'config', 'sasl', 'sasl_external'] $auth_type = 'session',
+ Array[Struct[{
+ name => Optional[String],
+ host => String,
+ port => Optional[Stdlib::Port],
+ }]] $ldap_servers = [{
+ name => $servername,
+ host => $server_uri,
+ port => $port,
+ }],
+ Optional[Sensitive[String]] $blowfish_secret = undef,
+ Optional[Array[String]] $base_dn = undef,
+ Optional[String] $bind_dn_template = undef,
+ Boolean $open_tree = false,
+ Integer $base_config_order = 10,
) {
ensure_packages(['phpldapadmin'])
+ # TODO
# /etc/php7/php.ini
# extension=ldap
# exteniosn
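Review bot: `$blowfish_secret` is typed `Optional[Sensitive[String]]`, so an empty or very short value passes even though the `@param` text asks for a big random string. Tightening it to something like `Optional[Sensitive[String[32]]]` (the floor is the project's call) would reject weak secrets at compile time. It also defaults to `undef` while `$auth_type` accepts `'cookie'`; what phpLDAPadmin does with cookies in that case is not visible in this diff, so a `warning()` or `fail()` for that combination is worth considering. As a style point, the `port` key uses `Stdlib::Port` while `$port` spells the same range as `Integer[0, 65535]`; using `Optional[Stdlib::Port]` for both keeps them in step. The class body starts before and continues after this hunk.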
@@ -38,7 +86,23 @@ class phpldapadmin (
ensure => directory,
}
- file { '/etc/webapps/phpldapadmin/config.php':
+ concat { $config_file:
+ order => 'numeric',
+ }
+
+ concat::fragment { 'phpLDAPadmin header':
+ order => 0,
+ source => "puppet:///modules/${module_name}/head.php",
+ }
+
+ concat::fragment { 'phpLDAPadmin trailer':
+ order => 99,
+ source => "puppet:///modules/${module_name}/tail.php",
+ }
+
+ concat::fragment { 'Base phpLDAPadmin configuration':
content => epp("${module_name}/config.php.epp"),
+ target => $config_file,
+ order => $base_config_order,
}
}
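Review bot: The `phpLDAPadmin header` and `phpLDAPadmin trailer` fragments have no `target`, which `concat::fragment` requires, so only the base fragment is tied to `$config_file`; both need `target => $config_file,`. The `concat { $config_file: }` resource sets no `owner`, `group` or `mode`, so the file gets the concat module's defaults (world-readable `0644` unless overridden elsewhere; worth verifying). The template is not shown, but it presumably renders the unwrapped `$blowfish_secret`, so consider `mode => '0640',` with a group the web server runs as, plus `show_diff => false,` to keep the secret out of agent logs and reports. `$base_config_order` is an unbounded `Integer`, while the header and trailer sit at 0 and 99; `Integer[1, 98]` would stop the base configuration from landing outside them.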